Identity and Access Governance provides control and visibility into access across an organisation, so that management can gather the information it needs to address compliance mandates and governance requirements.

Control access for regulatory compliance

Empower business users

Manager the user lifecycle (joiners, movers, leavers)

Manage segregation of duties policies

Improve audit performance while lower cost

Control and monitor privileged users

Enable advanced analytics for risk management

Related resources

Consumer Identity Management is the on-ramp to the Identity Economy, providing the mechanism to leverage your stores of identity information to improve your customers’ experience and generate new business.

Achieve a unified view of customers’ identity information

Simplify registration and authentication via social sign-on

Enhance user experiences

Increase sales through online channels

Related resources

Access Management provides the delivery platform for your organisation’s online services. Originally designed for centralised web access, Access Management technology has evolved to support a variety of platforms from web browsers to smartphones, tablets and the Internet of Things.

Give access to anyone, anywhere, via any device

Protect against threats and fraud via Adaptive and Risk Based Authentication

Gain flexibility and agility with Attribute Based Access Control

Enable secure collaboration among employees and partners

Enhance customer experience via single sign-on and user self service

Build customer confidence by ensuring data privacy and security

Related resources

The growth in mobile apps, cloud services, developer communities and the Internet of Things is driving organisations to expose valuable data through application programming interfaces, or APIs, to create innovative new services.

An Enterprise API Management and Security solution enables your organisation to streamline management, deployment and performance of APIs; enhance security and compliance through authentication, authorisation and audit capabilities; and maximise new business opportunities through the monetisation of APIs.

Organisations are under attack as cyber criminals successfully syphon off their intellectual property and the private information of individuals. Hackers will take advantage of any and every vulnerability to infiltrate networks, hijack transactions and steal data, including misplaced trust and dependence on cryptographic keys and digital certificates.

In this environment, protecting valuable data and transactions with encryption and digital signing is crucial, particularly in the cloud. Yet research has shown that the majority of organisations – often with tens of thousands of keys and certificates – do not know where they are deployed, how they are being used or who is using them, and do not have controls in place to secure them.

Identify vulnerabilities and secure high-value data and transactions

Enable cloud use by protecting data in shared or virtual environments

Gain complete control over your entire key and certificate inventory

Enforce security policies, attain compliance and manage risk

Related resources

Breaches happen. In today’s environment, the question is no longer “if” your data and computing systems will be breached, or even when. It’s probably already happened. The real questions are: are you aware of it; how can you minimise the damage; and how can you improve your defences in future?

Related resources

Social media is a two-edged sword. Organisations must embrace it to efficiently engage with their customers or citizens, partners and staff to remain competitive. At the same time social media opens organisations up to risks including data leakage, identify theft, legal violations, malware and reputational damage.

2009 Identity and Access Management Survey

A survey conducted by KPMG IT Advisory together with Everett Advisory is now available. This is a quality piece of research which provides valuable insights for organisations doing IAM, as well as companies like us who are supporting those initiatives. Congratulaions to John Hermans, Joris ter Hart, Willem Guensberg, Arjan van Vliet of KPMG, and Peter Valkenburg Erik Frambach of Everett for putting the report together. Downoad the report now.

While the report describes the European market, the findings are line-ball with our observations of the Australian customer base; and in summary:

Governance, Risk and Compliance is by far the main driver of IAM

Governance, Risk and Compliance is even more important than last year’s survey indicated;

The vast majority of IAM projects are still focused on their organisation’s directemployees;

Access attestation and certification services are ‘on the map’ and this is possibly at the expense of the implementation of complete IAM solutions.

This indicates a shift from more preventive controls to a detective approach focused on an organisation’s ‘crown jewels’.

Significant gaps exist between the expected and realised benefits of IAM

Although gaps between expectation and realisation still remain, over half of the respondents were satisfied with the outcome of their IAM project;

Organisations face difficulties in measuring the costs, benefits and quality of IAM services and related activities.

A lack of business buy-in is the main cause of IAM project failure

IAM projects are still mostly the responsibility of the IT department or the Security Officer;

50% of the respondents stated that the business was not ready for the proposed solution;

51% of the respondents indicated that there was a lack of support from management and stakeholders.